Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by chrizree

  1. It's a known "issue", has been discussed before in the release thread https://forums.hak5.org/topic/53473-release-hak5-cloud-c2-30x/ I had the same behavior on my Kali box with Firefox just after I upgraded my C2 instance, but for some reason it has miraculously disappeared without me doing anything specific about it. Now it just shows once as I load the Cloud C2 GUI, and after that it doesn't appear.
  2. Have you looked at the Cloud C2 setup videos that Darren has put up? Not explicitly for v3.0.0 but the ports should be the same. Not exactly sure what you mean with "selfhosted vps" but the ports needed should be the same as in the video. https://youtu.be/TIpx_ENurLY?t=378
  3. I just created a fresh VM (VirtualBox) and followed the instructions in the page you linked in your post and it all worked out well. Browsing the info.php file works without any problems and showing the expected results. Not using 20.04 though, but Ubuntu 18.04.4 LTS. Try again from scratch and see if some of the steps where unintentionally skipped and/or look for error messages while installing or restarting services, etc.
  4. Even if I haven't tried (running mine in the famous cloud), I can't see anything that really would stop you from successfully spinning up a Cloud C2 instance on the localhost and access the web interface locally on that specific machine. However, since the IPv4 address range is reserved for host loopback only, it should never be used outside of the current host (read further in RFC 1122). So, it will not be possible to connect any Hak5 devices to the locally hosted Cloud C2 instance which kind of removes the purpose of having a Cloud C2 instance up and running.
  5. What encoder are you using when creating the inject.bin file?
  6. Even though the Rubber Ducky is a useful tool, it wouldn't be my go to solution for this particular scenario. It all depends on the use case, but... even with only a small amount of Chromebooks to enroll, I would most likely select another path to glory than the little duck friend.
  7. Are you using some special character as a part of your password that might not be appreciated by the Cloud C2 instance? (Don't expose your password here though :-) )
  8. I guess you are referring to the Chromebook enrollment script that is available at https://ducktoolkit.com/ I don't have access to my Ducky at the moment, but I think that the version/variant of Ducky Script available to the Rubber Ducky doesn't allow the use of variables like that. The Bash Bunny would work though, but that's out of scope here. The below payload uses variables, but use "Ducky Script 2.0" that is not a part of the Rubber Ducky. https://github.com/hak5/bashbunny-payloads/blob/master/payloads/library/android/open_url/payload.txt
  9. Agree, the Police is the place to go, not an internet forum if truly followed with possible bad intentions behind it all. That scan list is no proof of being followed. The only thing it tells us is that it's either a severely misconfigured router or that a scan is conducted that doesn't show the true internal network of the user. Unless owning the right to use the network, it can't be used for private purposes since it's a public routable IP address range on the internet. And, as long as you aren't an official in the Comcast organisation, you can't use that range for your own
  10. You could check /sys/kernel/debug/crashlog I have reset my Pineapple so I haven't got any active VPN configuration/setup to try and I won't spend any more time on that since it's clearly not working. I just issued echo c > /proc/sysrq-trigger to force a kernel panic and that got stuck in the crashlog file so I guess the Pineapple should be set up out of the box to trap the eventual/possible kernel panic that the VPN connection produces.
  11. It is "standard procedure" when upgrading Cloud C2 to version 3.0.0. You have to assign your devices to a site. It's described in the release thread on the forum. https://forums.hak5.org/topic/53473-release-hak5-cloud-c2-30x/
  12. There is at least some degree of built in "security by obscurity" in the use of port 1471, i.e. a user won't accidentally land on the web admin GUI just by loading and some active port scan is needed to get hold of the port in use. You could alter the configuration of nginx to limit the client IP address(es) that can access the web server on the Pineapple. Use a static IP address outside of the DHCP scope and allow only that IP address to access the web admin GUI on port 1471. It's not at all bullet proof though since someone might test each address outside of the DHCP scope a
  13. I forgot a "Q" for the last DELAY in my sample script code, but it should run anyway. Since you are using the "standard" LED modes elsewhere in the script, you could use LED FINISH in the end instead of LED G, but that's just aesthetics really.
  14. First of all I would get rid of the line containing #!/bin/bash Q SET_LANGUAGE dk should be replaced by DUCKY_LANG=dk Each DELAY should have a Q or QUACK in front of them The GUI r could be deleted since it's about to do the same thing as the RUN WIN line The STRING line should also have a Q or QUACK in front of it Something like this: LED SETUP ATTACKMODE HID DUCKY_LANG=dk LED ATTACK RUN WIN "notepad" Q DELAY 450 Q STRING "Hello world" DELAY 100 LED G
  15. I have had the same experience recently, but no solution for it. It's discussed in the following thread https://forums.hak5.org/topic/53253-how-to-configure-vpn-client-to-auto-start-with-the-nano/ I've also "alerted" about the fact in the release thread for the Nano, but I guess it won't be fixed. There has been VPN kernel panics related to the Pineapple that was said to have been solved in the latest firmware release, but it seems as it wasn't 100% successful. https://forums.hak5.org/topic/51575-release-wifi-pineapple-firmware-v27x/
  16. 3.0.0 works like a charm! Update was a total breeze, thx! 🙂
  17. OK, then you are at least able to download the modules you want to get hold of. What OS are you trying to set up network sharing with? I assume that you have already followed the instructions in the official documentation (if you are using Windows or Linux). https://docs.hak5.org/hc/en-us/sections/360002204513-Internet-Connectivity Please be more detailed in describing the steps you have taken and when you get stuck in the process.
  18. Depending on what part of the world you are living in, the chance might not be missed after all. There are at least 3 resellers within the EU that has the Signal Owl in stock at the moment. More expensive, yes, but still a possible way to get hold of a brand new one.
  19. Have you tried to wrap the string with quotes? I.e. "~/Library/LaunchAgents/ >> $lootdir/LaunchAgentsUSER.txt" or... escaping the special character \~/Library/LaunchAgents/ >> $lootdir/LaunchAgentsUSER.txt
  20. You might find some answers in this thread, depends on what you mean with "what antenna does what" https://forums.hak5.org/topic/53167-which-antenna-is-for-each-radio-alfa-ac-card-help/
  21. By "can’t get pineAP to start", do you mean that clicking the Switch button under the Configuration section of the PineAP module in the web GUI of the NANO results in a Disabled state regardless how many times you click on the Switch button? I.e. PineAP Daemon: Disabled never goes into PineAP Daemon: Enabled. If so, I could replicate the problem myself on my NANO. It didn't matter how many times I clicked the Switch button, it still was in the Disabled state. Running ps at the terminal didn't show any signs of life either. So, I factory reset my NANO and went back to a clean 2.7.0 and aft
  22. OK, can you try to connect the Tetra using its Ethernet port instead of trying to get the internet connection sharing to work. Just to make sure that internet connection works at all. That is if you have some equipment that lets you connect using an Ethernet cable. I would try to get an internet connection using less "painful" methods first and then moving on to some other desired method.
  23. It seems to be a bunch of things not working judging from your output. Have you tried to run each uci command in the scripts to see which one of them that are failing? I found some that the dependency check should set, but they aren't actually set. What network interface are you using the Deauth module with? I haven't had time to go through all of the code. And that's not just the bash scripts you have tried to run manually, but also the API php file seems to have some odd code in it that doesn't spit out the desired results as I can see it.
  24. What method did you use to connect the Tetra to the internet? https://docs.hak5.org/hc/en-us/articles/360010555433-Internet-Connectivity-Basics
  25. I simply had to see if I was just "the lucky one" to not experience any problems or if I could force the problem to appear. So, now I've tested my Nano with the following cards: - Intenso MicroSDHC 4 GB Class 4 - Intenso MicroSDHC 4 GB Class 4 (yes, yet another one) - Kingston MicroSDHC 8 GB Class 10 - SanDisk Ultra MicroSDHC 8 GB Class 10 - Kingston MicroSDHC 16 GB Class 10 - SanDisk Ultra MicroSDHC 32 GB Class 10 And... they all worked! Can't seem to replicate the problems that are reported by some when it comes to SD cards and the Nano. In addition to the above
  • Create New...